CVE-2025-40978 | WorkDo eCommerceGo SaaS POST Request /ticket/x/conversion reply_description cross site scripting

A vulnerability classified as problematic has been found in WorkDo eCommerceGo SaaS. This issue affects some unknown processing of the file /ticket/x/conversion of the component POST Request Handler. This manipulation of the argument reply_description causes cross site scripting.

This vulnerability is registered as CVE-2025-40978. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More